CVE-2012-1571 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1571): file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference. @base-system, may we proceed to stabilize =sys-apps/file-5.11 ?
x86 stable
amd64 stable
alpha/arm/ia64/m68k/s390/sh/sparc stable
ppc/ppc64 stable
Stable for HPPA.
Thanks, everyone. GLSA draft is ready for review.
This issue was resolved and addressed in GLSA 201209-14 at http://security.gentoo.org/glsa/glsa-201209-14.xml by GLSA coordinator Sean Amoss (ackle).